imported mails

author: distix ticketing system <distix@pieni.net> 2018-04-01 15:47:04 +0000
committer: distix ticketing system <distix@pieni.net> 2018-04-01 15:47:04 +0000
commit: c4508ae6abb9a7246336930b19b2f1b88f16f2de (patch)
tree: 267f0e1c8f05aa9eeb3bee2f94b43030daf75e31
parent: da29002d8f6b162de89c13ab84f476366b2f22f7 (diff)
download: ick-devel-distix-c4508ae6abb9a7246336930b19b2f1b88f16f2de.tar.gz
1 files changed, 111 insertions, 0 deletions
diff --git a/tickets/4bbc9995f89d40c59451b743be4a4811/Maildir/new/1522597623.M893233P20845Q1.koom b/tickets/4bbc9995f89d40c59451b743be4a4811/Maildir/new/1522597623.M893233P20845Q1.koom
new file mode 100644
index 0000000..21d2209
--- /dev/null
+++ b/tickets/4bbc9995f89d40c59451b743be4a4811/Maildir/new/1522597623.M893233P20845Q1.koom
@@ -0,0 +1,111 @@
+Return-Path: <ick-discuss-bounces@ick.liw.fi>
+X-Original-To: distix@pieni.net
+Delivered-To: distix@pieni.net
+Received: from yaffle.pepperfish.net (yaffle.pepperfish.net [88.99.213.221])
+	by pieni.net (Postfix) with ESMTPS id 8726942E09
+	for <distix@pieni.net>; Sun,  1 Apr 2018 15:46:12 +0000 (UTC)
+Received: from platypus.pepperfish.net (unknown [10.112.101.20])
+	by yaffle.pepperfish.net (Postfix) with ESMTP id 485CE417C7
+	for <distix@pieni.net>; Sun,  1 Apr 2018 16:46:12 +0100 (BST)
+Received: from ip6-localhost.nat ([::1] helo=platypus.pepperfish.net)
+	by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian))
+	id 1f2fBM-00058s-76; Sun, 01 Apr 2018 16:46:12 +0100
+Received: from koom.pieni.net ([88.99.190.206] helo=pieni.net)
+ by platypus.pepperfish.net with esmtpsa (Exim 4.80 #2 (Debian))
+ id 1f2fBL-00058f-9Z
+ for <ick-discuss@ick.liw.fi>; Sun, 01 Apr 2018 16:46:11 +0100
+Received: from exolobe3 (62-78-212-250.bb.dnainternet.fi [62.78.212.250])
+ by pieni.net (Postfix) with ESMTPSA id 9AB0E42E09
+ for <ick-discuss@ick.liw.fi>; Sun,  1 Apr 2018 15:46:10 +0000 (UTC)
+Message-ID: <1522597569.2971.19.camel@liw.fi>
+From: Lars Wirzenius <liw@liw.fi>
+To: ick-discuss@ick.liw.fi
+Date: Sun, 01 Apr 2018 18:46:09 +0300
+In-Reply-To: <1522593545.2971.15.camel@liw.fi>
+References: <1522571699.2971.5.camel@liw.fi>
+ <1522581877.10476.1@ssh.steve.org.uk> <1522593545.2971.15.camel@liw.fi>
+X-Mailer: Evolution 3.22.6-1+deb9u1 
+Mime-Version: 1.0
+X-Pepperfish-Transaction: bb2b-5528-6168-51fe
+X-Pepperfish-Transaction-By: platypus
+Subject: Re: What's needed before ick is ready for others to use?
+X-BeenThere: ick-discuss@ick.liw.fi
+X-Mailman-Version: 2.1.5
+Precedence: list
+List-Id: discussions about the ick CI system <ick-discuss-ick.liw.fi>
+List-Unsubscribe: <https://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/ick-discuss-ick.liw.fi>,
+ <mailto:ick-discuss-request@ick.liw.fi?subject=unsubscribe>
+List-Archive: <http://listmaster.pepperfish.net/pipermail/ick-discuss-ick.liw.fi>
+List-Post: <mailto:ick-discuss@ick.liw.fi>
+List-Help: <mailto:ick-discuss-request@ick.liw.fi?subject=help>
+List-Subscribe: <https://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/ick-discuss-ick.liw.fi>,
+ <mailto:ick-discuss-request@ick.liw.fi?subject=subscribe>
+Content-Type: multipart/mixed; boundary="===============2741052614440174831=="
+Mime-version: 1.0
+Sender: ick-discuss-bounces@ick.liw.fi
+Errors-To: ick-discuss-bounces@ick.liw.fi
+
+
+--===============2741052614440174831==
+Content-Type: multipart/signed; micalg="pgp-sha512";
+ protocol="application/pgp-signature"; boundary="=-h+ElDqucLh3t1HSituM9"
+
+
+--=-h+ElDqucLh3t1HSituM9
+Content-Type: text/plain; charset="UTF-8"
+Content-Transfer-Encoding: quoted-printable
+
+On Sun, 2018-04-01 at 17:39 +0300, Lars Wirzenius wrote:
+> On Sun, 2018-04-01 at 11:24 +0000, Steve Kemp wrote:
+> >  I suspect there is a security problem with the artifact server, but
+> >=20
+> >  despite reading the architecture guide I'm missing the ability to
+> >  confirm it.
+>=20
+> Er, yes, I think you're right. The paths should be sanitised. Thanks
+> for pointing that out, I will fix asap.
+
+It turns out that this isn't actually a hole. bottle won't match
+anything with / in it in the route for a blob. Encoding it as %2F
+doesn't seem to help. Thus it seems the artifact store is safe for
+this.
+--=-h+ElDqucLh3t1HSituM9
+Content-Type: application/pgp-signature; name="signature.asc"
+Content-Description: This is a digitally signed message part
+Content-Transfer-Encoding: 7bit
+
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEETNTnrewG6wEE1EJ3bC+mFux6IDEFAlrA/sEACgkQbC+mFux6
+IDErJA/8C/Xwx29iza+ifTVhJ8xu9LA/9rs5ndZxNsstX1qU3ZlI236BOCpoYTUE
+zHFx1cT/1qgamjZ5JSBVdXu6gAxeZG3Ije1GjPIWMZNwW1ENVjl5jmEHI3XsTFr9
+FKLumXrmx25qlcgvKhLtR/5rS2FexbsRPwaO44rcPL8sVjtW/I78yncZI4etLYgk
+Up1G505rOueWbq5dSmtSXdvWW3Yqej/EfiKY5+DJzJDkp6JTd0qEpNv0n0Sxk6gW
+xAZZEmUF2zh4KLuubmw8rUlaHC0DCIyCjAq76bJrnw9PQgnCLUw0O5yA2XIwuQMb
+u4j0hhlOnDz++sbeiHY/xczdi6JdCOCNgqedkFhvAr5kzxM9eBLJMB6RahVfRFC0
+2eoVhGQ+30jZqa8xd82jo3yF7r+YlRgwAxtY5QSCcGHTRLs5NnjjcRnQ0Xz1+X0C
+j+0CaoL4FnUmdtSDERaJX/0S5eYIpj7Rosj/43KBlvM/Z1SqOdwE1xU8XKh4EnW6
+WBUheHIPA1+YM8BdQtGqqr3akDE8ZOnO3fJWblIXSQEX4syYqxovHutHpOyq428K
+lzi5+/M0fXCqkUgS6AKhf1OQPo7TITCZzbxH11I0U1N61SWxHxJsW+PNE4bidF7e
+VAYigBVM5ixHRkcE7SEMx+WIzT2+Zf704hekedWkyYi8rXnk6gE=
+=71z+
+-----END PGP SIGNATURE-----
+
+--=-h+ElDqucLh3t1HSituM9--
+
+
+
+--===============2741052614440174831==
+Content-Type: text/plain; charset="us-ascii"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Content-Disposition: inline
+
+_______________________________________________
+ick-discuss mailing list
+ick-discuss@ick.liw.fi
+https://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/ick-discuss-ick.liw.fi
+
+--===============2741052614440174831==--
+
+
author	distix ticketing system <distix@pieni.net>	2018-04-01 15:47:04 +0000
committer	distix ticketing system <distix@pieni.net>	2018-04-01 15:47:04 +0000
commit	c4508ae6abb9a7246336930b19b2f1b88f16f2de (patch)
tree	267f0e1c8f05aa9eeb3bee2f94b43030daf75e31
parent	da29002d8f6b162de89c13ab84f476366b2f22f7 (diff)
download	ick-devel-distix-c4508ae6abb9a7246336930b19b2f1b88f16f2de.tar.gz